Class: Unmagic::Passkeys::WebAuthn::Authenticator::Attestation

Inherits:

Object

• Object
• Unmagic::Passkeys::WebAuthn::Authenticator::Attestation

Defined in:

lib/unmagic/passkeys/web_authn/authenticator/attestation.rb

Overview

Action Pack WebAuthn Attestation

Decodes and represents the attestation object returned by an authenticator during registration. The attestation object is CBOR-encoded and contains the authenticator data along with an optional attestation statement.

Usage

attestation = Unmagic::Passkeys::WebAuthn::Authenticator::Attestation.decode(
  attestation_object_bytes
)

attestation.credential_id  # => "abc123..."
attestation.public_key     # => OpenSSL::PKey::EC
attestation.sign_count     # => 0

Attributes

authenticator_data

The parsed Data containing credential information.

format

The attestation statement format (e.g., “none”, “packed”, “fido-u2f”).

attestation_statement

The attestation statement, which may contain a signature from the authenticator manufacturer. Empty for “none” format.

Delegated Methods

The following methods are delegated to authenticator_data:

• credential_id - Base64URL-encoded credential identifier

• public_key - OpenSSL public key object

• public_key_bytes - Raw COSE key bytes

• sign_count - Signature counter for replay detection

Instance Attribute Summary

• #attestation_statement ⇒ Object readonly

  Returns the value of attribute attestation_statement.

• #authenticator_data ⇒ Object readonly

  Returns the value of attribute authenticator_data.

• #format ⇒ Object readonly

  Returns the value of attribute format.

Class Method Summary

• .decode(bytes) ⇒ Object

  Decodes a CBOR-encoded attestation object into an Attestation instance.

• .wrap(data) ⇒ Object

  Wraps raw attestation data into an Attestation instance.

Instance Method Summary

• #initialize(authenticator_data:, format:, attestation_statement:) ⇒ Attestation constructor

  A new instance of Attestation.

Constructor Details

#initialize(authenticator_data:, format:, attestation_statement:) ⇒ Attestation

Returns a new instance of Attestation.

# File 'lib/unmagic/passkeys/web_authn/authenticator/attestation.rb', line 68

def initialize(authenticator_data:, format:, attestation_statement:)
  @authenticator_data = authenticator_data
  @format = format
  @attestation_statement = attestation_statement
end

Instance Attribute Details

#attestation_statement ⇒ Object (readonly)

Returns the value of attribute attestation_statement.

# File 'lib/unmagic/passkeys/web_authn/authenticator/attestation.rb', line 39

def attestation_statement
  @attestation_statement
end

#authenticator_data ⇒ Object (readonly)

Returns the value of attribute authenticator_data.

# File 'lib/unmagic/passkeys/web_authn/authenticator/attestation.rb', line 39

def authenticator_data
  @authenticator_data
end

#format ⇒ Object (readonly)

Returns the value of attribute format.

# File 'lib/unmagic/passkeys/web_authn/authenticator/attestation.rb', line 39

def format
  @format
end

Class Method Details

.decode(bytes) ⇒ Object

Decodes a CBOR-encoded attestation object into an Attestation instance.

# File 'lib/unmagic/passkeys/web_authn/authenticator/attestation.rb', line 58

def self.decode(bytes)
  cbor = Unmagic::Passkeys::WebAuthn::CborDecoder.decode(bytes)

  new(
    authenticator_data: Unmagic::Passkeys::WebAuthn::Authenticator::Data.decode(cbor["authData"]),
    format: cbor["fmt"],
    attestation_statement: cbor["attStmt"]
  )
end

.wrap(data) ⇒ Object

Wraps raw attestation data into an Attestation instance. Accepts an existing Attestation object (returned as-is), a Base64URL-encoded string, or raw binary.

# File 'lib/unmagic/passkeys/web_authn/authenticator/attestation.rb', line 46

def self.wrap(data)
  if data.is_a?(self)
    data
  else
    data = Base64.urlsafe_decode64(data) unless data.encoding == Encoding::BINARY
    decode(data)
  end
rescue ArgumentError
  raise Unmagic::Passkeys::WebAuthn::InvalidResponseError, "Invalid base64 encoding in attestation object"
end